ucspi-ssl-0.12
ucspi-ssl is a joined project of William Baxter (Copyright 2001 SuperScript Technology, Inc.) and me (FEHCom).
ucspi-ssl home page
Requirements
- OpenSSL or LibreSSL providing crypto services.
- fehQlibs(>=17) need to be installed (usually located at /usr/local) for network and DNS services.
Installation and Customization
- Read INSTALL for installation instructions.
- Read doc/CERTS for the X.509 certificates shipped.
- Read doc/CHAIN-SSL how to configure X.509 chaining support.
Changelog and Internals
- Read doc/CHANGES for changes and bug fixes.
- Read doc/UCSPI-SSL to find some internal information.
- Read doc/TLS_1_3 how to use an OpenSSL/LibreSSL version providing TLS 1.3 support.
- Read doc/TLSVERSION_CIPHERSUITES how to tweak TLS version and cipher suites.
- Read doc/TODO what is missing still.
- Read INSTALL if you like to use ucspi-ssl with OpenSSL 3.x exceptionally.
Cryptomaterial and X.509 certs
- In the directory ./etc you will find some X.509 certificate, key files and other crypto material required for a first setup.
- All X.509 certificates use now ECC crypto instead of RSA.
- Read etc/README.certs.md.
Erwin Hoffmann, October 2023.